package shiro;

import controller.role;
import dao.AdministratorDao;
import dao.positionDao;
import entity.Administrator;
import entity.Position;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
    public class MyRealm  extends AuthorizingRealm {
        @Autowired
        private AdministratorDao administratorDao;
        @Autowired
        private positionDao positionDao;
        @Autowired
        private AdministratorDao admins;
        //授权
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
            System.out.println("执行了授权方法...");
           /* SimpleAuthorizationInfo info = new SimpleAuthorizationInfo() ;*/
          /*  String username = (String) principalCollection.getPrimaryPrincipal() ;
            Position position = positionDao.getRoleByUserName(username);
            System.out.println(role.getRcode() + "------------------------------");
            info.addRole(role.getRcode());*/
            return null;
        }
        //认证
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

            UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken ;
            String username = token.getUsername() ;
            //1.根据用户名从数据库表中获取用户的密码
           String pwd = administratorDao.flagUserName(username);
            if(pwd==null || "".equals(pwd)){
                //如果return null
                //则会在抛出异常
                return  null ;
            }
            SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,pwd, ByteSource.Util.bytes("Shiro"),"myrealm") ;
            return info;

    }

}
